From 7c1124804a8b63d55827d1e3cb2f23261847559b Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@jiji.usersys.redhat.com>
Date: Nov 10 2011 20:58:23 +0000
Subject: Bug 750622 - Fix Coverity (11104) Resource leak:

             ids_sasl_user_to_entry (slapd/saslbind.c)

https://bugzilla.redhat.com/show_bug.cgi?id=750622

Bug Description: sasl_map_domap allocates strings for "base" and
"filter" in it; the caller ids_sasl_user_to_entry releases them
only when the function returns non-0 regexmatch (matched), but
even if the return value is 0 (did not match), the strings are
allocated.

Fix Description: underlying function sasl_map_check frees "base"
and "filter" if mapping did not match.
(cherry picked from commit 6af5ece3ca029271f2b2180c24bad546e2d64c45)

---

diff --git a/ldap/servers/slapd/sasl_map.c b/ldap/servers/slapd/sasl_map.c
index d6a84a7..3cdabac 100644
--- a/ldap/servers/slapd/sasl_map.c
+++ b/ldap/servers/slapd/sasl_map.c
@@ -517,6 +517,8 @@ sasl_map_check(sasl_map_data *dp, char *sasl_user_and_realm, char **ldap_search_
 					"sasl_map_check: slapi_re_subs failed: "
 					"subject: %s, subst str: %s (%d)\n",
 					sasl_user_and_realm, dp->template_base_dn, rc);
+				slapi_ch_free_string(ldap_search_base);
+				slapi_ch_free_string(ldap_search_filter);
 			} else {
 				/* Substitutes '&' and/or "\#" in template_search_filter */
 				rc = slapi_re_subs(re, sasl_user_and_realm,
@@ -527,6 +529,8 @@ sasl_map_check(sasl_map_data *dp, char *sasl_user_and_realm, char **ldap_search_
 						"sasl_map_check: slapi_re_subs failed: "
 						"subject: %s, subst str: %s (%d)\n",
 						sasl_user_and_realm, dp->template_search_filter, rc);
+					slapi_ch_free_string(ldap_search_base);
+					slapi_ch_free_string(ldap_search_filter);
 				} else {
 					/* these values are internal regex representations with
 					 * lots of unprintable control chars - escape for logging */